<?php
include_once 'fun.php';
include_once 'islogin.php';
$_SESSION['isadmin']=isset($_SESSION['isadmin'])?$_SESSION['isadmin']:'';
if ($_SESSION['isadmin']!=1&&$_SESSION['isadmin']!=-1) {
    header('Refresh:1;url=shop.php');
    die("请以库存管理员身份登录");
}
    //var_dump($_POST);
    $Name = trim($_POST['Name']);
    $stockin = isset($_POST['stockin'])?$_POST['stockin']:0;
    $price =isset($_POST['price'])?trim($_POST['price']):0;
    $id=(int)$_POST['id'];
    $category  = isset($_POST['category'])?$_POST['category']:'';
    $p  = isset($_POST['p'])?$_POST['p']:'';
    $rsc=$_FILES['pic'];
    $pic='';
    if($rsc)
    {
        $file_name = $rsc['name'];
        $name_array = explode('.',$file_name);
    $base=array_pop($name_array);
    $path='pics/'.time().mt_rand().'.'.$base;
    if(move_uploaded_file($rsc['tmp_name'],$path))
    {
        imgSize($path,150,100 );
        $pic='pics/size'.basename($path);
        unlink($path);
    }
    else
    $pic=$p;
    }
    //var_dump($id);
   // $pic='pics/default.PNG';
    if(empty($Name))
    {
    header('Refresh:0;url=stock.php');
    die("商品名不能为空");
    }
   
    else
    {
        $con=connect();
        $sql = "select productid from product where Name like '$Name' ";
        $res=query($sql,$con);
        $a=mysqli_fetch_row($res);
        if($res->num_rows>1||($res->num_rows==1&&$a[0]!=$id)){
            alertMes("商品名不能相同",'stock.php');
            exit;
        }
        if($category!='')
        $sql = "update product set Name='{$Name}',stocknum={$stockin},costoverall={$price},pic='{$pic}',category='{$category}' where productid={$id}";
        else
        $sql = "update product set Name='{$Name}',stocknum={$stockin},costoverall={$price},pic='{$pic}' where productid={$id}";

        query($sql,$con);
        echo '保存成功';
        
    header('Refresh:0;url=stock.php');
    
    }
    
    
?>